- Hacker group wants Nvidia to make faster crypto mining chips.
- The group threatens to leak Nvidia’s original trade secret code.
- 71,000 Nvidia employee data reportedly breached according to HaveIBeenPwned.
Last Friday, reports of a cyberattack on Nvidia broke out. America’s leading chip manufacturer confirmed a blackout on its business operations for close to 48 hours and attempted to quell panic by assuring frantic users that the attack has no effect on its service to customers. Shortly after, a ransomware hacker collective group, LAPSUS$ claimed responsibility for the attack, adding that it had stolen over 1 terabyte of the company’s data and will most likely release them to the public if its demands are not met.
LAPSUS$ Demands
LAPSUS$ wants Nvidia to remove all LHR limitations to its GPU hash rate that prevents faster crypto mining activities. It also wants Nvidia to publish the base codes of its GPU drivers as open-source, making them publicly accessible and openly modifiable forever.
Originally, Nvidia’s GPU was manufactured for gamers’ use, but the company has seen a rather unexpected increase in purchases of its GPU by crypto miners, leading to a shortage of chips in the market since last year. Nvidia took steps to combat the problems of unintended use by placing a mining detection feature that cuts mining speed automatically into half once it detects crypto mining use.
The hacker group is looking to make $1 million off the sale of Nvidia’s nerf blocking feature, and had already threatened to release some of the most private trade secrets including its base source code, should the chip manufacturing company fail to comply. It had given Friday as an ultimatum in a telegram post that reads:
“We decided to help mining and gaming company. We want Nvidia to publish an update for all 30 series firmware that remove every LHR (light hash rate) limitations otherwise we will leak HW folder. If they remove LHR, we forget about HW folder (it’s a big folder). We both know LHR impact mining and gaming.”
 
 
As of the last reporting, close to 71,000 data credentials of Nvidia clients and workers have been reportedly breached. While the implications are huge for the microchip industry, this is not the first time LAPSUS$ would dare with delicate corporations. The group is also credited with taking down top Portuguese media companies, Impressa, including Claro telecommunications company and the Brazilian Ministry of health.
As the drawdown to its ultimatum approaches, the crypto community remains keen to see if Nvidia would cede to its demands. Attainment for LAPSUS$, which is believed to have a significant interest in cryptocurrencies, would boost mining in the crypto market and more yields, especially for Ethereum miners.